Job Recruitment

Platform Security Engineer (Network Security/Endpoint) – ITD (Contractual), Washington DC, United States At International Monetary Fund (IMF)

Work for the IMF. Work for the World.

This position is being re-advertised. Previous candidates need not reapply.

Job Summary

Under the general supervision of the Division Chief of the Infrastructure & Operations Division, the selected candidate will work in the Cyber Security Platforms Section and report to the Section Chief. The main responsibilities include but are not limited to working in cooperation with the Cyber Security Platforms Section Chief in the configuration, implementation, and management of security tools, enhancing security controls and procedures to ensure confidentiality, integrity, and availability of the organization’s information, proposing new and improved solutions to the Section Chief as needed.

The Cyber Security Platforms section at the Fund is responsible for the implementation and management of the platforms in the following areas:

  •  Network and Cloud Infrastructure Security
  •  Server, Database and Web Application Firewall Security
  •  Identity Access Management (identity and access provisioning)
  •  Federation and Public Key Infrastructure
  •  Infrastructure Vulnerability Remediation
  •  Security Logs
  •  Endpoint (workstations and mobile) device security

Major Duties and Responsibilities

1. Supervises operational work as well as project work (capital and admin), such as the upgrade of Security Technology stack, and introduction of new software and hardware.

2. Works closely with the MSP to measure output against SLAs for services they provide.

3. Supports the development of tactical level technical requirements, architectural designs, and procedures for the deployment of security tools and solutions within Fund environments; to include but not limited to, tool selection, placement, integration with other tools, configuration, and testing.

4. Designs and configures security tools (e.g., network proxy, firewalls, web application firewalls, endpoint threat detection and prevention tools) and solutions for deployment.

5. Develops end-to-end business cases for new and existing security tools and technologies; to include but not limited to, alignment with reference architectures, configuration guides, tool applications, health status checks, management guides, and test plans.

6. Ensures the soundness of an integrated security solution, identifies gaps, and adjusts referenced architectures to local environments.

7. Stays informed of attack trends, zero-day vulnerabilities, methodologies, and risks within the cybersecurity realm.

8. Creates and maintains technical documentation, develops processes and procedures for security tools and systems, and actively reviews current SOPs and documentation for areas of improvement.

9. Uses Security Orchestration and Automated Response solution (SOAR) to enhance security toolsets​.

10. Participates and if needed leads Multi-User Incidents (MUI) work to resolve problems.

11. Performs evaluation of the core requirements, handles complex tactical planning, and takes initiative to implement encryption and security.​

12. Provides guidance to non-information security staff personnel on describing Information security controls and trains on key management and security initiatives.​

13. Contributes to activities of security task force and reviews work of MSPs to ensure adherence of security standards and procedures.

Minimum Qualifications

  •  Advanced degree in information security, computer science, engineering, mathematics, or related field of study plus a minimum of 4 years of progressive and related information security work experience in regulated industries, orBachelor’s degree in information security, computer science, engineering, mathematics, or related field of study and minimum 10 years of progressive and related information security work experience in regulated industries.
  •  Candidates must possess at least 2 of the following certifications: CISSP, CISM, CCSP, CISA, CEH, GIAC certifications, Cisco/Microsoft/AWS advanced security certifications – having more than 2 is a plus.
  •  Hands-on experience in security engineering cybersecurity architecture, host/endpoint technologies, network detection, incident response, or IT tool deployment.
  •  Sound problem resolution, judgment, negotiating and decision-making skills.
  •  Experience in Hybrid Cloud Architectures, Cloud brokering solutions or Cloud Management Solutions for Public/Private Cloud.
  •  Experience with Infrastructure Security Automation, Infrastructure capacity monitoring and automated scaling solutions.
  •  Knowledge of DevSecOps model – Automation of security integration with application code deployment (Jenkins, Maven, Git, Nexus etc.).
  •  Experience with automation/management frameworks.
  •  Experience in Scripting Python, Perl, Bash
  •  Hands-on experience managing the following platforms: Windows Defender, Carbon Black, Mobile device security tools, LogRythm platform administration and DB security platforms.
  •  In-depth understanding of overall Public Key Infrastructures and certificate/key management best practices.

This is a one-year contractual appointment. Contractual appointments at the IMF are renewable for up to four years of cumulative contractual service, pending incumbent’s performance, budget availability, and continuous business need.


ITDEP Information Technology Department Enterprise Platforms

Hiring For:

A11, A12

The IMF is committed to achieving a diverse staff, including age, creed, culture, disability, educational background, ethnicity, gender, gender expression, nationality, race, religion and beliefs, and sexual orientation.


June 2024